Fix security issue with PB_ENABLE_MALLOC. - agl-service-can-low-level - Low level CAN service made to decode and write on CAN bus.

diff options

author	Petteri Aimonen <jpa@git.mail.kapsi.fi>	2014-05-17 20:06:55 +0300
committer	Petteri Aimonen <jpa@git.mail.kapsi.fi>	2014-05-17 20:06:55 +0300
commit	5ef128616baffd15bb904fc56f651d40901be429 (patch)
tree	d09614ab604b9398de88c09870b6ac8b26af5c5f /tests/field_size_16
parent	ba2ab9ea65d029b2560c461be317f3cf0d19eb3e (diff)

Fix security issue with PB_ENABLE_MALLOC.

The multiplication in allocate_field could potentially overflow, leading to allocating too little memory. This could subsequently allow an attacker to cause a write past the buffer, overwriting other memory contents. The attack is possible if untrusted message data is decoded using nanopb, and the message type includes a pointer-type string or bytes field, or a repeated numeric field. Submessage fields are not affected. This issue only affects systems that have been compiled with PB_ENABLE_MALLOC enabled. Only version nanopb-0.2.7 is affected, as prior versions do not include this functionality. Update issue 117 Status: FixedInGit

Diffstat (limited to 'tests/field_size_16')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: